Security News > 2021 > January > SolarWinds hackers had access to over 3,000 US DOJ email accounts
The US Department of Justice said that the attackers behind the SolarWinds supply chain attack have gained access to roughly 3% of the department's Office 365 email inboxes.
The Justice Department currently employs over 115,000 people [1, 2] which translates to around 3450 potentially breached mailboxes.
DoJ's Office of the Chief Information Officer detected malicious activity on December 24th, 2020, related to the SolarWinds hack that impacted several federal agencies and technology contractors.
"This activity involved access to the Department's Microsoft O365 email environment," DoJ Spokesman Marc Raimondi said in a statement published earlier today.
The OCIO blocked the method used by the attackers to gain access to the DOJ Office 365 email accounts after learning of this malicious activity.
This statement confirms a Microsoft report saying that the end goal of the SolarWinds supply chain compromise was to provide the attackers with access to the targets' cloud assets after deploying the Sunburst/Solorigate backdoor on their local networks.
News URL
Related news
- U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- US lawmakers push DOJ to prosecute tax prep firms for leaking taxpayer data to big tech (source)
- US says Chinese hackers breached multiple telecom providers (source)
- US indicts Snowflake hackers who extorted $2.5 million from 3 victims (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)